PUA:Win32/SpeedingUpMyPC malicious file

PUA:Win32/SpeedingUpMyPC is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the PUA:Win32/SpeedingUpMyPC virus do?

  • Executable code extraction
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • Attempts to connect to a dead IP:Port (5 unique times)
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Performs some HTTP requests
  • Checks for the presence of known windows from debuggers and forensic tools
  • Attempts to modify proxy settings

Related domains:

www.winaso.com
ocsp.digicert.com

How to identify PUA:Win32/SpeedingUpMyPC?

File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright:
FileDescription: WinASO Registry Optimizer Setup
FileVersion:
Comments: This installation was built with Inno Setup: http://www.innosetup.com
CompanyName: X.M.Y International LLC
Translation: 0x0409 0x04e4

PUA:Win32/SpeedingUpMyPC also known as:

MicroWorld-eScan: Application.Sobrab.UZ
FireEye: Application.Sobrab.UZ
CAT-QuickHeal: Trojan.Deceptpcclean
McAfee: SunnyDigit
Cylance: Unsafe
K7AntiVirus: Riskware ( dec0029e1 )
BitDefender: Application.Sobrab.UZ
K7GW: Riskware ( dec0029e1 )
TrendMicro: PUA.Win32.RegOptimizer.AB
TrendMicro-HouseCall: PUA.Win32.RegOptimizer.AB
GData: Application.Sobrab.UZ
Kaspersky: Hoax.Win32.DeceptPCClean.acs
AegisLab: Trojan.Multi.Generic.4!c
Ad-Aware: Application.Sobrab.UZ
Sophos: Generic PUA NJ (PUA)
Comodo: ApplicUnwnt@#2l7el52dodt2l
F-Secure: PotentialRisk.PUA/Systweak.jfy
McAfee-GW-Edition: SunnyDigit
Emsisoft: Application.Sobrab.UZ (B)
Avira: PUA/Systweak.jfy
Arcabit: Application.Sobrab.UZ
ZoneAlarm: Hoax.Win32.DeceptPCClean.acs
Microsoft: PUA:Win32/SpeedingUpMyPC
MAX: malware (ai score=94)
VBA32: Malware-Cryptor.Trac
Panda: PUP/WinASO
Fortinet: Riskware/DeceptPCClean
MaxSecure: Trojan.Malware.74320245.susgen

How to remove PUA:Win32/SpeedingUpMyPC?

PUA:Win32/SpeedingUpMyPC removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
